'''
copyright: Copyright (C) 2015-2024, Wazuh Inc.

           Created by Wazuh, Inc. <info@wazuh.com>.

           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2

type: integration

brief: Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector
       module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat,
       Canonical, Debian, Amazon Linux and NVD Database.

components:
    - vulnerability_detector

suite: providers

targets:
    - manager

daemons:
    - wazuh-modulesd
    - wazuh-db

os_platform:
    - linux

os_version:
    - Arch Linux
    - Amazon Linux 2022
    - Amazon Linux 2
    - Amazon Linux 1
    - CentOS 8
    - CentOS 7
    - Debian Buster
    - Red Hat 8
    - Ubuntu Focal
    - Ubuntu Bionic
    - Ubuntu Xenial
    - Ubuntu Trusty
    - Ubuntu Jammy
    - SUSE Linux Enterprise Desktop 11
    - SUSE Linux Enterprise Desktop 12
    - SUSE Linux Enterprise Desktop 15
    - SUSE Linux Enterprise Server 11
    - SUSE Linux Enterprise Server 12
    - SUSE Linux Enterprise Server 15

references:
    - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html
    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#provider

tags:
    - settings
    - vulnerability
    - vulnerability_detector
    - providers
'''
import pytest
from pathlib import Path
from datetime import date

from wazuh_testing.constants.daemons import ANALYSISD_DAEMON, MODULES_DAEMON, SYSCHECK_DAEMON
from wazuh_testing.constants.paths.logs import WAZUH_LOG_PATH
from wazuh_testing.utils.callbacks import generate_callback
from wazuh_testing.tools.monitors.file_monitor import FileMonitor
from wazuh_testing.utils.configuration import get_test_cases_data, load_configuration_template
from wazuh_testing.modules.modulesd.vulnerability_detector import patterns as cb
from wazuh_testing.modules.modulesd.configuration import MODULESD_DEBUG
from wazuh_testing.modules.monitord.configuration import MONITORD_ROTATE_LOG
from . import TEST_CASES_PATH, CONFIGURATIONS_PATH


pytest.skip("The tests will be deprecated, they test the old Vulnerability Detector.", allow_module_level=True)

pytestmark = [pytest.mark.server]

# Variables
local_internal_options = {MODULESD_DEBUG: '2', MONITORD_ROTATE_LOG: '0'}
daemons_handler_configuration = {'daemons': [ANALYSISD_DAEMON, MODULES_DAEMON, SYSCHECK_DAEMON]}

# Configuration and cases data
configurations_path = Path(CONFIGURATIONS_PATH, 'configuration_enabled.yaml')
cases_path = Path(TEST_CASES_PATH, 'cases_enabled.yaml')

# Enabled test configurations (t1)
configuration_parameters, configuration_metadata, case_ids = get_test_cases_data(cases_path)
configurations = load_configuration_template(configurations_path, configuration_parameters,
                                             configuration_metadata)

# Add <update_from_year> tag for NVD to download only the last year feed and speed up the testing process
for index, configuration in enumerate(configurations):
    if configuration['sections'][0]['elements'][1]['provider']['attributes'][0]['name'] == 'nvd':
        configuration['sections'][0]['elements'][1]['provider']['elements'].append(
            {'update_from_year': {'value': date.today().year}})


@pytest.mark.tier(level=0)
@pytest.mark.parametrize('test_configuration, test_metadata', zip(configurations, configuration_metadata),
                         ids=case_ids)
def test_provider_tag(test_configuration, test_metadata, set_wazuh_configuration, configure_local_internal_options,
                      truncate_monitored_files, daemons_handler):
    '''
    description: Check if modulesd downloads the feeds from different providers when enabled is set to yes.

    test_phases:
        - setup:
            - Set a custom Wazuh configuration.
            - Configure custom local_internal_options.
            - Truncate wazuh logs.
            - Restart wazuh-modulesd daemon to apply configuration changes.
        - test:
            - Check that the database provider is being updated.
        - teardown:
            - Truncate wazuh logs.
            - Restore initial configuration,and local_internal_options.
            - Restart modulesd to apply configuration.

    wazuh_min_version: 4.4.0

    tier: 0

    parameters:
        - test_configuration:
            type: dict
            brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture.
        - test_metadata:
            type: dict
            brief: Wazuh configuration metadata
        - set_wazuh_configuration:
            type: fixture
            brief: Set the wazuh configuration according to the configuration data.
        - configure_local_internal_options:
            type: fixture
            brief: Set local_internal_options configuration.
        - truncate_monitored_files:
            type: fixture
            brief: Truncate all the log files and json alerts files before and after the test execution.
        - daemons_handler:
            type: fixture
            brief: Restart the wazuh-modulesd daemon.

    assertions:
        - If the provider tag is enabled, then the provider feed download starts.
        - If the provider tag is disabled, then the provider feed download does not start.

    input_description:
        - The `test_enabled.yaml` file provides the module configuration for this test.

    expected_output:
        - 'Starting <provider_name> database update'
    '''
    file_monitor = FileMonitor(WAZUH_LOG_PATH)

    file_monitor.start(callback=generate_callback(regex=cb.DATABASE_UPDATE_STARTING,
                                                  replacement={"provider_name": test_metadata['provider_name']}))
    if test_metadata['enabled'] == 'yes':
        assert file_monitor.callback_result is not None, f"Unexpected '{cb.DATABASE_UPDATE_STARTING}' event was found."
    else:
        assert file_monitor.callback_result is None, f"Unexpected '{cb.DATABASE_UPDATE_STARTING}' event was found."
